Does your practice have a written identity theft program?
With small-animal practitioners deferring payments and large-animal veterinarians billing their clients, there is no doubt that the "Red Flags" provision of the Fair and Accurate Credit Transactions Act (FACTA), which became effective May 1, applies to the veterinary profession.
The Red Flags Rule requires veterinary practices and other entities that defer payments or extend credit to develop, implement and administer a written Identity Theft Prevention Program.
This program must include the following four basic elements, which together create a framework to address the threat of identity theft:
The rule contains guidelines for setting up a program, but does not tell you specifically what to include. However, it does require that you address five key categories of red flags or warning signs:
1. Alerts, notifications and warnings from a credit reporting bureau
2. Suspicious documents
3. Suspicious personnel identifying information
4. Suspicious account activity
5. Notices from clients, victims of identity theft or law-enforcement authorities about possible identity theft.
Which categories apply to veterinary practices? (Answer: 2, 3, and 5)
Now let's look at how the Red Flags Rule applies to the following experiences many of us may have encountered in our practices:
1. A client moving from New York to Florida asks you to fax their pet's medical record to a veterinary practice in Florida. Any ID theft red flags here?
2. A client who can't pay a bill in full asks to make payments over time with multiple checks. What are the red flags?
3. A client's daughter brings in the family pet because of a urinary infection. Your diagnostic work-up and medical treatment exceed the amount of cash the client gave her daughter for the treatment. Your receptionist contacts the client, who gives her credit-card information over the phone. What are the red flags in this situation?